Free radius installation
José Campos
jjscampos at gmail.com
Mon Jan 25 10:49:32 CET 2010
Hello,
OK, after the radius -X command, nmap shows me that the radius ports are open.
...
[root at localhost ~]# nmap -v -sU localhost
Starting Nmap 5.00 ( http://nmap.org ) at 2010-01-25 09:36 WET
NSE: Loaded 0 scripts for scanning.
Warning: Hostname localhost resolves to 2 IPs. Using 127.0.0.1.
Initiating UDP Scan at 09:36
Scanning localhost (127.0.0.1) [1000 ports]
Completed UDP Scan at 09:36, 1.21s elapsed (1000 total ports)
Host localhost (127.0.0.1) is up (0.0000090s latency).
Interesting ports on localhost (127.0.0.1):
Not shown: 996 closed ports
PORT STATE SERVICE
111/udp open|filtered rpcbind
1812/udp open|filtered radius
1813/udp open|filtered radacct
5353/udp open|filtered zeroconf
Read data files from: /usr/share/nmap
Nmap done: 1 IP address (1 host up) scanned in 1.26 seconds
Raw packets sent: 1004 (28.112KB) | Rcvd: 996 (55.776KB)
[root at localhost ~]#
...
I've changed the iptables rules as you mentioned, but with no better
results. Even with the firewall turned off, I still have no response from
the server, as you can see here (info from two consoles):
...(console#1)
...
...
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on command file /var/run/radiusd/radiusd.sock
Listening on proxy address * port 1814
Ready to process requests.
...
... (console#2)
[root at localhost ~]# radtest test test localhost 0 testing123
Sending Access-Request of id 42 to ::1 port 1812
User-Name = "test"
User-Password = "test"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Sending Access-Request of id 42 to ::1 port 1812
User-Name = "test"
User-Password = "test"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Sending Access-Request of id 42 to ::1 port 1812
User-Name = "test"
User-Password = "test"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
radclient: no response from server for ID 42 socket 3
[root at localhost ~]#
...
Regards,
José Campos
-----Original Message-----
From: freeradius-users-bounces+jjscampos=gmail.com at lists.freeradius.org
[mailto:freeradius-users-bounces+jjscampos=gmail.com at lists.freeradius.org]
On behalf of Alan Buxey
Sent: Sunday, 24 January 2010 21:22
To: FreeRadius users mailing list
Subject: Re: Free radius installation
Hi,
> I did use nmap like below:
>
> [root at localhost raddb]# nmap -v -O localhost
nmap -v -sU localhost
that's a UDP scan
> As I understood is that everything all right with iptables?
not really - did you read what I wrote? How can you do a state check
on what is a stateless protocol?
-p udp --dport 1812 -j ACCEPT
-p udp --dport 1813 -j ACCEPT
would be more suitable
> Can I debug somehow with more details the radtest command suggested on the
> freeradius tutorial
get past the basics first - you could always also use eg 'tcpdump' to see what
traffic is on port 1812 on the localhost....
eg tcpdump -eqnntl -i eth0 port 1812
alan
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
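
Added example, not part of the original thread: in the output above nmap scanned 127.0.0.1 while radtest sent to ::1, and a UDP scan reports "open|filtered" whenever a port stays silent. This sketch probes each address a hostname resolves to separately; the function names probe_udp and probe_all are this example's own.

```python
import socket

def probe_udp(host, port, family, timeout=0.5):
    """Send one datagram and classify the port the way a UDP scan does."""
    try:
        with socket.socket(family, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.connect((host, port))   # connected socket: ICMP errors are reported to us
            s.send(b"\x00")           # not a valid RADIUS packet; a RADIUS server drops it silently
            s.recv(4096)
            return "open"             # something answered
    except ConnectionRefusedError:
        return "closed"               # ICMP port unreachable: nothing is bound there
    except socket.timeout:
        return "open|filtered"        # silence: a listener ignoring us, or a firewall drop
    except OSError as exc:
        return "error: %s" % exc      # e.g. address family not available on this host

def probe_all(name, port, timeout=0.5):
    """Probe every address `name` resolves to, IPv4 and IPv6 separately."""
    results = {}
    for family, _, _, _, sockaddr in socket.getaddrinfo(
            name, port, type=socket.SOCK_DGRAM):
        results[sockaddr[0]] = probe_udp(sockaddr[0], port, family, timeout)
    return results

if __name__ == "__main__":
    # "closed" on one address and "open|filtered" on the other means the
    # daemon is bound to only one of the two address families.
    for addr, state in probe_all("localhost", 1812).items():
        print("%-12s 1812/udp %s" % (addr, state))
```

Silence alone never proves the server received the request, so pair a probe like this with the tcpdump capture suggested in the reply.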